US20140138438A1 - Reader device, data processing apparatus mounted with the same and genuine/counterfeit judgment method - Google Patents
Reader device, data processing apparatus mounted with the same and genuine/counterfeit judgment method Download PDFInfo
- Publication number
- US20140138438A1 US20140138438A1 US14/234,471 US201314234471A US2014138438A1 US 20140138438 A1 US20140138438 A1 US 20140138438A1 US 201314234471 A US201314234471 A US 201314234471A US 2014138438 A1 US2014138438 A1 US 2014138438A1
- Authority
- US
- United States
- Prior art keywords
- chip
- genuine
- reader device
- command
- storage medium
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K5/00—Methods or arrangements for verifying the correctness of markings on a record carrier; Column detection devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
- G06F21/725—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits operating on a secure reference time value
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
- G06K19/07—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
- G06K19/073—Special arrangements for circuits, e.g. for protecting identification code in memory
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07D—HANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
- G07D7/00—Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
- G07D7/01—Testing electronic circuits therein
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Mathematical Physics (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Credit Cards Or The Like (AREA)
Abstract
Description
- The present invention relates to a reader device for reading information from a form or a card, and in particular to a technique for judging whether a form or card is a genuine or counterfeit one.
- Conventionally, reader devices for reading information from a form (for example, a passport which includes an IC chip) or a card (for example, an IC card) have been used, and, as such a reader device, those provided with a function of judging whether a form or card is a genuine or counterfeit one have been proposed.
- For example, a method is known in which genuine/counterfeit judgment of a passport is performed on the basis of image data obtained by radiating infrared rays or ultraviolet rays onto the front face of a passport (on the basis of whether or not a particular pattern stands out, whether or not there is something unnatural in an image, or the like) (see Patent Literature 1).
- Especially, on an IC card, such a hologram mark that a particular pattern stands out is formed on the surface of the card so as to detect whether the card is counterfeited (see, for example, Patent Literature 2). A method for detecting the hologram mark is also known (see, for example, Patent Literature 3).
- In conventional reader devices, however, the operation load of image processing is heavy because genuine/counterfeit judgment is performed on the basis of image data or a hologram mark, and much time may be required to perform genuine/counterfeit judgment of a form or a card. Furthermore, it becomes possible to duplicate such an image data or a hologram mark with the recent progress of image forming techniques, and detection of counterfeiting may not be certainly performed by the genuine/counterfeit judgment using such a superficial and physical image forming technique.
-
- [Patent Literature 1] Japanese Patent Laid-Open No. H07-200913
- [Patent Literature 2] U.S. Pat. No. 5,549,953
-
- [Patent Literature 3] U.S. Pat. No. 5,568,251
- The present invention has been made under the above background. The object of the present invention is to provide a reader device capable of performing genuine/counterfeit judgment of a form or a card in a short time and enhancing the accuracy of the judgment, which is not influenced by superficial and physical duplication.
- An aspect of the present invention is a reader device reading information from a form or a card, wherein the form or the card includes an IC chip executing a command transmitted from the reader device; and the reader device is provided with: a command transmission section transmitting plural commands to the IC chip; a transmission control section performing control to cause rates of transmission for transmitting the plural commands to be different from each other; a required time measurement section measuring each of required times after transmitting each of the plural commands to the IC chip until receiving a response to the command from the IC chip for each of the plural commands when the rates of transmission are caused to be different from each other by the transmission control section; an operation time calculation section calculating an operation time required for execution of the command in the IC chip on the basis of several required times measured by the time measurement section; and a genuine/counterfeit judgment section judging whether the IC chip is a genuine or counterfeit one on the basis of the operation time calculated by the operation time calculation section.
- Other aspects of the present invention exist as described below. Therefore, disclosure of the present invention is intended to provide aspects of a part of the present invention and is not intended to restrict the scope of the present invention described and claimed here.
-
FIG. 1 is a block diagram of a reader device in a first embodiment of the present invention. -
FIG. 2 is a diagram for illustrating a time required after transmitting a command until receiving a response in the first embodiment of the present invention. -
FIG. 3 is a diagram illustrating how to calculate an operation time from the required times in the first embodiment of the present invention. -
FIG. 4 is a block diagram for illustrating update of data for genuine/counterfeit judgment in the first embodiment of the present invention. -
FIG. 5 is a diagram for illustrating an operation time for each generation of an IC chip in the first embodiment of the present invention. -
FIG. 6 is a flowchart for illustrating an operation of the reader device in the first embodiment of the present invention. -
FIG. 7 is a block diagram showing a reader device of a second embodiment. -
FIG. 8( a) is a diagram about a case where a conventional reader device reads a genuine IC card provided with a proper-generation IC chip, which is held by a legal holder, andFIG. 8( b) is a diagram about a case where areader device 21 of the second embodiment reads a genuine IC card provided with a proper-generation IC chip, which is held by a legal holder. -
FIG. 9 is a flowchart of a process after a password is inputted to a PIN pad of the reader device until card holder authentication and a genuine/counterfeit judgment of an IC card are performed. -
FIG. 10( a) is a diagram about a case where a conventional reader device reads an IC card counterfeited by a malicious third person with the use of an old-generation IC chip, andFIG. 10( b) is a diagram of a case where the reader device of the second embodiment reads an IC card counterfeited by a malicious third person with the use of an old-generation IC chip. - The present invention will be described in detail below. However, the detailed description below and accompanying drawings do not limit the invention.
- A reader device of the present invention is a reader device reading information from an information storage medium such as a form and a card, wherein the information storage medium includes an IC chip executing a command transmitted from the reader device; and the reader device has a configuration including: a command communication section transmitting the command to the information storage medium and receiving a response signal from the information storage medium obtained as a result thereof; a storage section storing feature points of the IC chip, and a genuine/counterfeit judgment section extracting the feature points from the response signal from the information storage medium and judging whether the IC chip is a genuine or counterfeit one on the basis of the extracted feature points.
- According to this configuration, genuine/counterfeit judgment of an IC chip is performed on the basis of extracted feature points. According to the present invention, it is possible to improve the judgment accuracy of the genuine/counterfeit judgment because of not being influenced by superficial and physical duplication.
- The reader device of the present invention may further include: a communication control section causing the command communication section to transmit a first command and, after receiving a response signal from the information storage medium obtained as a result thereof, causing the command communication section to successively transmit a second command that is the same as the first command and that has a different communication specification; and a control section controlling the communication control section and the genuine/counterfeit judgment section.
- According to this configuration, by causing communication specifications of the plural transmitting commands for the IC chip to be different from each other, feature points are extracted from plural response signals from the information storage medium.
- The feature points are management information about the information storage medium and generation discrimination information for discriminating the generation of the IC chip of the information storage medium; and the storage section of the reader device of the present invention stores the generation discrimination information about the IC chip associated with the management information about the information storage medium; and the genuine/counterfeit judgment section of the reader device of the present invention may discriminate the generation of an IC chip that is supposed to be mounted on the information storage medium from the management information about the information storage medium and judges whether the generation discrimination information is about the IC chip of the generation that is supposed to be mounted.
- According to this configuration, it is possible to, by causing communication specifications of the plural transmitting commands for the IC chip to be different from each other, judge whether or not generation information about the IC chip obtained from plural response signals from an information storage medium corresponds to generation information about the IC chip associated with management information, and, therefore, it is possible to judge whether the information storage medium mounted with the IC chip is a genuine or counterfeit one.
- The generation discrimination information in the reader device of the present invention is an operation time required for the IC chip of the information storage medium to execute the command; the communication specification is a rate of transmission; the storage section stores operation time information about the IC chip associated with the management information about the information storage medium, for each generation; and the genuine/counterfeit judgment section may discriminate the generation of the IC chip that is supposed to be mounted on the information storage medium from the management information about the information storage medium and judge whether the operation time is included in operation time information about the IC chip of the generation that is supposed to be mounted.
- According to this configuration, it is possible to, by causing rates of transmission of the plural transmitting commands for the IC chip to be different from each other, discriminate generation information about the IC chip based on the operation time of the IC chip obtained from plural response signals from an information storage medium. Then, since it is possible to judge whether generation information about the IC chip corresponds to generation information about the IC chip associated with management information, it is possible to judge the information storage medium mounted with the IC chip is a genuine or counterfeit one.
- The control section of the reader device of the present invention may further include: a required time measurement section measuring each of a first required time required after transmitting the first command to the information storage medium until receiving a first response signal of the information storage medium to the first command and a second required time required after transmitting the second command to the information storage medium until receiving a second response signal of the information storage medium to the second command; and an operation time calculation section calculating an operation time required for execution of the first command and the second command in the IC chip of the information storage medium, on the basis of these first required time and second required time.
- According to this configuration, rates of transmission (communication speeds) at the time of transmitting a command to an IC chip are caused to be different from each other, and a time required after transmitting the command until receiving a response to the command is measured. Then, an operation time required for execution of the command in the IC chip is calculated on the basis of the required times, and it is judged whether the IC chip is a genuine or counterfeit one on the basis of the operation time. According to the present invention, it is possible to perform genuine/counterfeit judgment of an IC chip (genuine/counterfeit judgment of a form or a card) with a smaller operation load and in a shorter time in comparison with image processing. Furthermore, the judgment accuracy of the genuine/counterfeit judgment can be improved because of not being influenced by superficial and physical duplication.
- Both of the first command and the second command transmitted by the reader device of the present invention may be illegal authentication commands generated so that such a response signal is obtained that an access to information stored in the information storage medium is rejected by the information storage medium.
- According to this configuration, a feature point (for example, an operation time) different from a feature point obtained when a legal authentication command is transmitted is obtained by transmitting an illegal authentication command. Especially when a difference between the feature points is remarkable in a counterfeit information storage medium mounted with an illegal (for example, old-generation) IC chip, the counterfeit information storage medium is found more easily.
- The communication control section of the reader device of the present invention may control the command communication section to transmit a legal authentication command generated so that such a response signal is obtained that an access to information stored in the information storage medium is authenticated by the information storage medium, before transmitting the illegal authentication commands.
- According to this configuration, the number of times that an information storage medium is collated never exceeds an upper limit, and it is possible to prevent a genuine information storage medium held by a legal holder from being disabled.
- The communication control section of the reader device of the present invention may control the command communication section to, if the generation discrimination information is judged to be generation information about the IC chip of the generation that is supposed to be mounted, as a result of the judgment by the genuine/counterfeit judgment section, transmit a legal authentication command generated so that such a response signal is obtained that an access to information stored in the information storage medium is authenticated by the information storage medium.
- According to this configuration, the number of times that an information storage medium is collated never exceeds an upper limit, and it is possible to prevent a genuine information storage medium held by a legal holder from being disabled.
- The communication control section of the reader device of the present invention may control the command communication section to, if the generation discrimination information is judged not to be generation information about the IC chip of the generation that is supposed to be mounted, as a result of the judgment by the genuine/counterfeit judgment section, further transmit an illegal authentication command generated so that such a response signal is obtained that an access to information stored in the information storage medium is rejected by the information storage medium.
- According to this configuration, an information storage medium is made unavailable and cannot be used any more. Even if a malicious third person attempts to use the information storage medium again with a conventional reader device after using the information storage medium with the reader device and running away because it is nearly found that the information storage medium is a counterfeit one, it is possible to prevent the malicious person from doing it. Then, it is possible to reduce spread of damage due to illegal use of the counterfeit information storage medium.
- The reader device of the present invention may further include a data update section updating data of the feature points stored in the storage section.
- According to this configuration, the storage section stores data about feature points for genuine/counterfeit judgment of an IC chip, and the data is updated on the basis of information obtained by other means such as genuine/counterfeit judgment of the IC chip by judgment means other than the genuine/counterfeit judgment (for example, genuine/counterfeit judgment using an image or magnetism). Thereby, the data (the data for genuine/counterfeit judgment of the IC chip) stored in a database section is appropriately updated, and the accuracy of genuine/counterfeit judgment of the IC chip by the genuine/counterfeit judgment section is improved.
- A data processing apparatus of the present invention is provided with any of the reader devices described above, and, if an IC chip is judged to be legal by the genuine/counterfeit judgment section, the data processing apparatus executes subsequent data processing.
- According to this configuration, genuine/counterfeit judgment of an IC chip is performed on the basis of extracted feature points. According to the present invention, it is possible to improve the judgment accuracy of the genuine/counterfeit judgment because of not being influenced by superficial and physical duplication. If judging the IC chip to be legal, the data processing apparatus of the present invention performs data processing such as for account settlement by credit or payment by electronic money by the information storage medium. If judging the IC chip not to be legal, the data processing apparatus of the present invention does not perform the data processing such as for account settlement by credit or payment by electronic money by the information storage medium, and it is possible to prevent a malicious third person from illegally using the IC card.
- A method of the present invention is a genuine/counterfeit judgment method executed by a reader device reading information from an information storage medium, wherein the information storage medium includes an IC chip executing a command transmitted from the reader device; and the genuine/counterfeit judgment method includes: transmitting the command to the information storage medium; and extracting feature points of the IC chip from plural response signals from the information storage medium and judging whether the IC chip is a genuine or counterfeit one on the basis of the extracted feature points.
- According to this method, it is judged whether an IC chip is a genuine or counterfeit one on the basis of extracted feature points. According to the present invention, it is possible to improve the judgment accuracy of the genuine/counterfeit judgment because of not being influenced by superficial and physical duplication.
- Otherwise, the reader device of the present invention is a reader device reading information from a form or a card, wherein the form or the card includes an IC chip executing a command transmitted from the reader device; and the reader device is configured including: a command transmission section transmitting a command to the IC chip; a transmission control section controlling a rate of transmission at the time of transmitting the command; a required time measurement section measuring each of times required after transmitting the command to the IC chip until receiving a response to the command from the IC chip when the rates of transmission are caused to be different from each other by the transmission control section; an operation time calculation section calculating an operation time required for execution of the command in the IC chip on the basis of the required times measured by the time measurement section; and a genuine/counterfeit judgment section judging whether the IC chip is a genuine or counterfeit one on the basis of the operation time calculated by the operation time calculation section.
- According to this configuration, rates of transmission (communication speeds) at the time of transmitting a command to an IC chip are caused to be different from each other, and a time required after transmitting the command until receiving a response to the command is measured. Then, an operation time required for execution of the command in the IC chip is calculated on the basis of the required times, and it is judged whether the IC chip is a genuine or counterfeit one on the basis of the operation time. According to the present invention, it is possible to perform genuine/counterfeit judgment of an IC chip (genuine/counterfeit judgment of a form or a card) with a smaller operation load and in a shorter time in comparison with image processing. Furthermore, the judgment accuracy of the genuine/counterfeit judgment can be improved because of not being influenced by superficial and physical duplication.
- For example, a time T1 required after transmitting a command at a base speed (106 kbps) until receiving a response is measured first, and a required time T2 required after transmitting the command at a double speed (212 kbps) until receiving a response is measured next. In this case, “(T1−T2)×2” can be thought to be a communication time at the base speed, and an operation time required for execution of the command in the IC chip can be thought to be “T1−(T1−T2)×2”. If this operation time is beyond a range of a value to be calculated in the case of a genuine IC chip, the IC chip is judged to be a counterfeit one.
- The reader device of the present invention may have a configuration of further including: an illegal authentication command transmission section transmitting illegal authentication commands to an IC chip, wherein the transmission control section performs control to cause rates of transmission of the plural illegal authentication commands for the IC chip to be different from each other; the time measurement section measures each of times required after transmitting the illegal authentication commands with different transmission rates each other by controlling of the transmission control section to the IC chip until receiving a response to the illegal authentication commands from the IC chip; the operation time calculation section calculates an operation time required for execution of the illegal authentication command in the IC chip on the basis of the required times measured by the time measurement section; and the genuine/counterfeit judgment section judges whether the IC chip is a genuine or counterfeit one on the basis of the operation time calculated by the operation time calculation section.
- According to this configuration, the rates of transmission (communication speed) at the time of transmitting an illegal authentication command to an IC chip are caused to be different from each other, and each of times required after transmitting each of the illegal authentication commands until receiving corresponding one of responses to the illegal authentication command are measured. Then, an operation time required for execution of the illegal authentication command in the IC chip is calculated on the basis of the required times, and it is judged whether the IC chip is a genuine or counterfeit one on the basis of the operation time.
- In general, in a genuine IC chip, there is not a major difference between an operation time for processing an illegal authentication command has been transmitted and an operation time for processing a legal authentication command has been transmitted. On the other hand, in a counterfeit IC chip, there is a major difference between an operation time for processing an illegal authentication command has been transmitted and an operation time for processing a legal authentication command has been transmitted because of a reason that the IC chip is not a special-purpose product (exclusive goods), or the like. Therefore, if there is a major difference between operation times, the IC chip can be judged to be a counterfeit one.
- The reader device of the present invention may have a configuration further including: a database section storing data of an operation time for judging an IC chip to be a genuine one and an operation time for judging the IC chip to be a counterfeit one as data for a genuine/counterfeit judgment of the IC chip; and a data update section updating the data for genuine/counterfeit judgment of the IC chip stored in the database section on the basis of a result of genuine/counterfeit judgment of the IC chip by judgment means other than the genuine/counterfeit judgment section.
- According to this configuration, the database section stores data for genuine/counterfeit judgment of an IC chip (data of an operation time calculated in the case of a genuine IC chip and an operation time calculated in the case of a counterfeit IC chip), and the data is updated on the basis of a result of genuine/counterfeit judgment of the IC chip by judgment means other than the genuine/counterfeit judgment section (for example, genuine/counterfeit judgment using an image or magnetism). Thereby, the data (the data for genuine/counterfeit judgment of the IC chip) stored in a database section is appropriately updated, and the accuracy of genuine/counterfeit judgment of an IC chip by the genuine/counterfeit judgment section is improved.
- In the reader device of the present invention, the database section may have a configuration in which, for each (released) generation of an IC chip, the data of the operation time for judging the IC chip to be a genuine one and the operation time for judging the IC chip to be a counterfeit one is stored.
- According to this configuration, it is possible to perform genuine/counterfeit judgment corresponding to the generation of the IC chip. For example, the operation time of an IC chip of the first generation (a first-generation IC chip) is longer than the operation time of an IC chip of the next generation (a second-generation IC chip). Therefore, when genuine/counterfeit judgment is performed on the basis of the operation time of an IC chip without consideration of plural generations on IC chips to be distributed, there is a possibility of occurrence of wrong judgment. In the present invention, it is possible to prevent occurrence of such wrong judgment by performing genuine/counterfeit judgment in consideration of the operation time on IC chip varying in response to the difference in generation.
- A method of the present invention is a genuine/counterfeit judgment method executed by a reader device reading information from a form or a card, wherein the form or the card includes an IC chip executing a command transmitted from the reader device; and the genuine/counterfeit judgment method includes: transmitting the command to an IC chip; performing control to cause rates of transmission at the time of transmitting the command to be different from each other; measuring each of times required after transmitting the command to the IC chip until receiving a response to the command from the IC chip when the rates of transmission are caused to be different from each other; calculating an operation time required for execution of the command in the IC chip on the basis of the required times which have been measured; and judging whether the IC chip is a genuine or counterfeit one on the basis of the calculated operation time.
- According to this method also, rates of transmission (communication speeds) at the time of transmitting a command to an IC chip are caused to be different from each other, and a time required after transmitting the command until receiving a response to the command is measured, similarly to the above description. Then, an operation time required for execution of the command in the IC chip is calculated on the basis of the required times, and it is judged whether the IC chip is a genuine or counterfeit one on the basis of the operation time. Therefore, it is possible to perform genuine/counterfeit judgment of an IC chip (genuine/counterfeit judgment of a form or a card) with a smaller operation load and in a shorter time in comparison with image processing. Furthermore, the judgment accuracy of the genuine/counterfeit judgment can be improved because of not being influenced by superficial and physical duplication.
- The present invention makes it possible to calculate an operation time required for execution of a command in an IC chip included in a form or a card with a reader device and perform genuine/counterfeit judgment of the IC chip on the basis of the operation time and can provide the reader device having an advantage of capable of performing genuine/counterfeit judgment of a form or a card in a short time. Furthermore, it is possible to improve the judgment accuracy of the genuine/counterfeit judgment because of not being influenced by superficial and physical duplication.
- Reader devices of embodiments of the present invention will be described below with the use of drawings.
- In a first embodiment, a case of a reader device which reads information from a form (for example, a passport which includes an IC chip) will be described as an example. This reader device is provided with a function of discriminating a counterfeit passport.
- A configuration of a reader device of the first embodiment of the present invention will be described with reference to drawings.
FIG. 1 is a block diagram showing the reader device of the first embodiment. As shown inFIG. 1 , thereader device 1 is provided with a photographingsection 3 which photographs an image of apassport 2, and a wireless communication interface section 4 (a wireless communication IF section 4) which performs wireless communication with thepassport 2. The wireless communication IFsection 4 transmits, for example, plural authentication commands to thepassport 2. Thepassport 2 includes anIC chip 5 which executes the authentication commands transmitted from thereader device 1. - The
reader device 1 is also provided with acontrol section 6 which performs control for genuine/counterfeit judgment of thepassport 2, a storage section 7 in which data for genuine/counterfeit judgment of thepassport 2 is stored, a wired communication interface section 10 (a wired communication IF section 10) which performs wired communication with acomputer apparatus 8, which is a terminal for display (or a terminal for control) or adatabase section 9. - The
control section 6 is provided with atransmission control section 11, a requiredtime measurement section 12, an operationtime calculation section 13 and a genuine/counterfeit judgment section 14. Thetransmission control section 11 performs control to cause rates of transmission for transmitting the plural authentication commands to be different from each other. The requiredtime measurement section 12 measures each of times required after transmitting each of the plural authentication commands to theIC chip 5 until receiving a response to the authentication command from theIC chip 5 for each of the plural authentication commands when the rates of transmission are caused to be different from each other by thetransmission control section 11. The operationtime calculation section 13 calculates an operation time required for execution of the authentication command in theIC chip 5 on the basis of several required times measured by the time measurement section. The genuine/counterfeit judgment section 14 judges whether theIC chip 5 is a genuine or counterfeit one on the basis of the operation time calculated by the operationtime calculation section 13. - The wireless communication IF
section 4 transmits plural illegal authentication commands (plural illegal authentication commands for genuine/counterfeit judgment) to thepassport 2. TheIC chip 5 of thepassport 2 can execute the illegal authentication commands. In that case, thetransmission control section 11 performs control to cause rates of transmission for transmitting the plural illegal authentication commands to be different from each other. The requiredtime measurement section 12 measures each of times required after transmitting each of the plural illegal authentication commands to theIC chip 5 until receiving a response to the illegal authentication command from theIC chip 5 for each of the plural illegal authentication commands when the rates of transmission are caused to be different from each other by thetransmission control section 11. The operationtime calculation section 13 calculates an operation time required for execution of the illegal authentication command in theIC chip 5 on the basis of several required times measured by the time measurement section. The genuine/illegalauthentication judgment section 14 can also judge genuine/illegal authentication of theIC chip 5 on the basis of the operation time calculated by the operationtime calculation section 13 when the illegal authentication command is used. - Here, measurement of the required times and calculation of the operation time will be described with reference to drawings.
FIG. 2 is a diagram illustrating a time required after thereader device 1 transmitting an authentication command (or an illegal authentication command) to theIC chip 5 until receiving a response. As shown inFIG. 2 , the “required time” is the sum total of a “communication time” at the time of thereader device 1 transmitting an authentication command to theIC chip 5, an “operation time” required for execution of the authentication command in theIC chip 5, and a “communication time” at the time of thereader device 1 receiving a response from theIC chip 5. -
FIG. 3 is a diagram illustrating how to calculate an operation time from required times. As shown inFIG. 3( a), a required time T1 required when an authentication command has been transmitted at a base speed (for example, 106 kbps) is the sum total of an “operation time” required for execution of the authentication command in theIC chip 5 and “communication times” required at the time of transmitting the authentication command and at the time of receiving a response. As shown inFIG. 3( b), a required time T2 required when the authentication command has been transmitted at a double speed (for example, 212 kbps) is the sum total of an “operation time” required for execution of the authentication command in theIC chip 5 and “communication times” required at the time of transmitting the authentication command and at the time of receiving a response. In general, in the case of the same command, a “communication time” at a double speed is half a “communication time” at a base speed. Therefore, as shown inFIG. 3( c), the “communication time” at the base speed can be calculated as “(T1−T2)×2”, and the “operation time” can be calculated as “T1−(T1−T2)×2”. - Returning to
FIG. 1 , the description of the configuration of thereader device 1 will be continued. Thedatabase section 9 stores data of an operation time for judging theIC chip 5 to be a genuine one and an operation time for judging theIC chip 5 to be a counterfeit one as data for genuine/counterfeit judgment of theIC chip 5. As shown inFIG. 1 , thecontrol section 6 is provided with adata update section 15 updating the data for genuine/counterfeit judgment of theIC chip 5 stored in thedatabase section 9 on the basis of a result of genuine/counterfeit judgment of theIC chip 5 by judgment means other than the genuine/counterfeit judgment section 14. -
FIG. 4 is a diagram illustrating update of the data for genuine/counterfeit judgment. As shown inFIG. 4( a), before the database is updated (for example, at the time of shipment), theIC chip 5 is judged to be a “genuine” one if an operation time calculated by the operationtime calculation section 13 is included within a predetermined range A (for example, such a rather wide range that distribution of the operation time of agenuine IC chip 5 is included). However, there may be a case where thepassport 2 which is judged to be a “genuine” one by genuine/counterfeit judgment based on the operation time is judged to be a “counterfeit” one by other judgment means (for example, judgment means based on an image or magnetism) (indicated by × marks inFIG. 4) . In such a case, the data for genuine/counterfeit judgment is updated so that a range where judgment of being a “genuine” one is made by the genuine/counterfeit judgment based on the operation time is updated to a range B narrower than an original range A (for example, a range after excluding the part where theIC chip 5 is judged to be a “counterfeit” one by the other judgment means), as shown inFIG. 4( b). - The
database section 9 stores data of an operation time calculated in the case of agenuine IC chip 5 and an operation time calculated in the case of acounterfeit IC chip 5 for each generation of theIC chip 5. For example,FIG. 5 is a diagram showing an example of an operation time for each generation of theIC chip 5. As shown inFIG. 5 , in the case of a first-generation IC chip 5, theIC chip 5 is judged to be a “genuine” one if an operation time calculated by the operationtime calculation section 13 is included within a predetermined range X. In the case of a second-generation IC chip 5, theIC chip 5 is judged to be a “genuine” one if an operation time calculated by the operationtime calculation section 13 is included within a predetermined range Y. In the case of a third-generation IC chip 5, theIC chip 5 is judged to be a “genuine” one if an operation time calculated by the operationtime calculation section 13 is included within a predetermined range Z. - An operation of the
reader device 1 configured as described above will be described with reference to drawings. -
FIG. 6 is a flowchart illustrating a flow of an operation when rates of transmission at the time of transmitting an authentication command are caused to be different from each other to perform genuine/counterfeit judgment of the IC chip 5 (genuine/counterfeit judgment of the passport 2). As shown inFIG. 6 , thereader device 1 measures the required time T1 required after transmitting a (legal) authentication command to theIC chip 5 at the base speed (S10) until receiving a response from the IC chip 5 (S11) first. Next, thereader device 1 measures the required time T2 required after transmitting the (legal) authentication command to theIC chip 5 at the double speed (S12) until receiving a response from the IC chip 5 (S13). - The
reader device 1 calculates an operation time Tc required for execution of the authentication command in theIC chip 5 from the required times T1 and T2 measured as described above (S14). Then, if the operation time Tc calculated as described above is not within a predetermined range specified for the generation corresponding to the IC chip 5 (S15), it is judged that theIC chip 5 is a “counterfeit” one, that is, thepassport 2 is a “counterfeit” one (S19). - On the other hand, if the operation time Tc is within the predetermined range specified for the generation corresponding to the IC chip 5 (S15), the above steps S10 to S14 are executed with the use of illegal authentication data to calculate an operation time Tf (S16). Then, if a difference between the operation times “Tf−Tc” is small (S17), it is judged that the
IC chip 5 is a “genuine” one, that is, thepassport 2 is a “genuine” one (S18). On the other hand, if the difference between the operation times “Tf−Tc” is large (S17), it is judged that theIC chip 5 is a “counterfeit” one, that is, thepassport 2 is a “counterfeit” one (S19). - Though an example of transmitting an authentication command with the rate of transmission called “a base speed” and the authentication command with the different rate of transmission called “a double speed” has been described here, it may be also available of transmitting the authentication command with the rate of transmission called “a quad-speed” and the authentication command with the rate of transmission called “an 8× speed”.
- According to the
reader device 1 of the first embodiment as described above, it is possible to calculate an operation time required for execution of an authentication command in theIC chip 5 of thepassport 2 with thereader device 1 to judge whether theIC chip 5 is a genuine or counterfeit one on the basis of the operation time, and, therefore, it is possible to perform genuine/counterfeit judgment of thepassport 2 in a short time. - That is, in the first embodiment, the rates of transmission (communication speeds) at the time of transmitting an authentication command to the
IC chip 5 are caused to be different from each other, and the required times T1 and T2 required after transmitting each of the plural authentication commands until receiving a response to the authentication command are measured. Then, the operation time Tc required for execution of the authentication command in theIC chip 5 is calculated on the basis of the required times T1 and T2, and it is judged whether theIC chip 5 is a genuine or counterfeit one on the basis of this operation time Tc. According to thereader device 1 of the first embodiment, it is possible to perform genuine/counterfeit judgment of the IC chip 5 (genuine/counterfeit judgment of the passport 2) with a smaller operation load and in a shorter time in comparison with image processing. - For example, the required time T1 required when the authentication command has been transmitted at the base speed (106 kbps) is measured first, and the required time T2 required when the authentication command has been transmitted at the double speed (212 kbps) is measured next. In this case, “(T1−T2)×2” can be thought to be a communication time at the base speed, and the operation time Tc required for execution of the authentication command in the
IC chip 5 can be thought to be “T1−(T1−T2)×2”. If this operation time Tc is beyond a range of a value to be calculated in the case of agenuine IC chip 5, theIC chip 5 is judged to be a counterfeit one. - In the first embodiment, the rates of transmission (communication speeds) at the time of transmitting an illegal authentication command to the
IC chip 5 are caused to be different from each other, and each of required times T1 and T2 required after transmitting each of the illegal authentication commands until receiving corresponding one of responses to the illegal authentication command are measured. Then, the operation time Tf required for execution of the illegal authentication command in theIC chip 5 is calculated on the basis of the required times T1 and T2, and it is judged whether theIC chip 5 is a genuine or counterfeit one on the basis of this operation time Tf and the above operation time Tc. - In general, in a
genuine IC chip 5, there is not a major difference between an operation time for processing an illegal authentication command has been transmitted and an operation time for processing a legal authentication command has been transmitted. On the other hand, in acounterfeit IC chip 5, there is a major difference between an operation time for processing an illegal authentication command has been transmitted and an operation time for processing a legal authentication command has been transmitted because of a reason that theIC chip 5 is not a special-purpose product (exclusive goods), or the like. Therefore, if there is a major difference between operation times, theIC chip 5 can be judged to be a counterfeit one. - In the first embodiment, data for genuine/counterfeit judgment of the IC chip 5 (data of an operation time for judging the
IC chip 5 to be a genuine one and of an operation time for judging theIC chip 5 to be a counterfeit one) is stored in thedatabase section 9, and the data is updated on the basis of a result of genuine/counterfeit judgment of theIC chip 5 by judgment means other than the genuine/counterfeit judgment section 14 (for example, genuine/counterfeit judgment using an image or magnetism). Thereby, the data (the data for genuine/counterfeit judgment of the IC chip 5) stored in thedatabase section 9 is appropriately updated, and the accuracy of genuine/counterfeit judgment of theIC chip 5 by the genuine/counterfeit judgment section 14 is improved. - In the first embodiment, it is possible to perform genuine/counterfeit judgment corresponding to the generation of the
IC chip 5. For example, the operation time of anIC chip 5 of the first generation (a first-generation IC chip 5) is longer than the operation time of anIC chip 5 of the next generation (a second-generation IC chip 5). Therefore, when genuine/counterfeit judgment is performed on the basis of the operation time of anIC chip 5 without consideration of plural generations onIC chips 5 to be distributed, there is a possibility of occurrence of wrong judgment. In thereader device 1 of the first embodiment, it is possible to prevent occurrence of such wrong judgment by performing genuine/counterfeit judgment in consideration of the operation time onIC chip 5 varying in response to the difference in generation. - The first embodiment of the present invention has been described as an example. However, the scope of the present invention is not limited thereto but can be changed or modified according to purposes within the scope described in the claims.
- For example, the case of the
reader device 1 which reads information from a form which includes theIC chip 5 has been described in the above description. However, the scope of the present invention is not limited thereto, and areader device 1 which reads information from a card which includes theIC chip 5 is also possible. - In a second embodiment, a case of a reader device which reads information from an IC card, for example, a credit card which includes an IC chip will be described as an example. The reader device in the second embodiment is provided with a function of discriminating a counterfeit IC card.
- A configuration of a reader device of the second embodiment of the present invention will be described with reference to drawings.
FIG. 7 is a block diagram showing the reader device of the second embodiment. As shown inFIG. 7 , the photographingsection 3 which photographs an image of thepassport 2 and aPIN pad 23 are for inputting a password to perform card holder authentication for confirming whether the user of an IC card 22 is a legal holder or not. Areader device 21 contactlessly performs short distance communication with the IC card 22 via a short distance communication interface section 24 (short distance communication IF section 24). Thereader device 21 performs communication with asettlement center 29 at a long distance via a wired long distance communication interface section 30 (long distance communication IF section 30). However, this communication with thesettlement center 29 may be performed via wireless communication. Acontrol section 26 of thereader device 21 controls thesePIN pad 23, short distance communication IFsection 24 and long distance communication IFsection 30. Data for genuine/counterfeit judgment of the IC card 22 is stored in astorage section 27. - The wireless communication IF
section 24 transmits, for example, a card holder authentication command (hereinafter referred to as a “CH authentication command”) to the IC card 22. The IC card 22 includes anIC chip 25 which executes the CH authentication command transmitted from thereader device 21. TheIC chip 25 has a CPU as well as a ROM storing an execution program and a cryptographic algorithm, a RAM which is a memory for data processing, an EEPROM which is a memory for storing data, a co-processor for processing a public key cryptographic algorithm at a high speed and the like. A communication antenna not shown which is for performing communication with the reader device to be described later is connected to thisIC chip 25. The IC card 22 also has a magnetic stripe (not shown) in which a card number and the like are recorded, though it is not shown. The card number is recorded not only in this magnetic stripe but also stored in theIC chip 25. - When a password is inputted to the
PIN pad 23, thecontrol section 26 of thereader device 21 embeds, for example, data obtained by processing the password with a one-way function, such as a hash function, or a cryptographic function into a CH authentication command in acommand generation section 36. The CH authentication command is sent to the IC card 22 from thereader device 21 via the wireless communication IFsection 24. The IC card 22 interprets the CH authentication command. Next, the inputted data (the data obtained by processing the password with a one-way function, such as a hash function, or a cryptographic function) and data obtained by performing processing similar to the above for a reference password stored in the IC card 22 are collated with each other. Then, a result of the collation is transmitted to thereader device 21 via the wireless communication IFsection 24. The reference password is stored in the memory of the IC card 22 in a manner that it can be never read out. Only the collation result is notified to thereader device 21 from the IC card 22. - A difference between the reader device 1 (see
FIG. 1 ) in the first embodiment described before and the reader device 21 (seeFIG. 7 ) in the second embodiment is as follows. That is, those corresponding to the photographingsection 3 which photographs an image of thepassport 2 and thecomputer apparatus 8 which is a terminal for display inFIG. 1 showing the first embodiment do not exist inFIG. 7 showing the second embodiment. Instead, thereader device 21 of the second embodiment is provided with thePIN pad 23 which does not exist in thereader device 1 of the first embodiment. It is thepassport 2 that thereader device 1 shown inFIG. 1 reads via the wireless communication IFsection 4, while it is the IC card 22 that thereader device 21 shown inFIG. 7 reads via the wireless communication IFsection 24. Furthermore, thesettlement center 29 in the second embodiment is physically far away from thereader device 21 and connected to thereader device 21 via the Internet or a telephone line. In the second embodiment, connection between thereader device 21 and thesettlement center 29 is assumed to be wired communication. However, if thereader device 21 is a mobile terminal, wireless communication is also possible. Though there are other small differences, the control section 6 (seeFIG. 1 ) in the first embodiment and the control section 26 (seeFIG. 7 ) in the second embodiment have similar functions and basic configurations. - In
FIG. 7 , thecontrol section 26 in the second embodiment is provided with a communication control section 31, a requiredtime measurement section 32, an operationtime calculation section 33 and a genuine/counterfeit judgment section 34. The communication control section 31 performs control to cause rates of transmission at the time of transmitting a CH authentication command to be different from each other. The requiredtime measurement section 32 measures each of times required after transmitting the CH authentication command to theIC chip 25 until receiving a response to the CH authentication command from theIC chip 25 when the rates of transmission are caused to be different from each other by the communication control section 31. The operationtime calculation section 33 calculates an operation time required for execution of the CH authentication command in theIC chip 25 on the basis of the required times measured by the time measurement section. The genuine/counterfeit judgment section 34 judges whether theIC chip 25 is a genuine or counterfeit one on the basis of the operation time calculated by the operationtime calculation section 33. - The wireless communication IF
section 24 transmits an illegal CH authentication command (an illegal CH authentication command for genuine/counterfeit judgment) to the IC card 22. This illegal CH authentication command is a command specially generated so as to make it easy to detect a card to be a counterfeit one. The details thereof will be described later. TheIC chip 25 of the IC card 22 can execute this illegal CH authentication command. In that case, the communication control section 31 performs control to cause rates of transmission at the time of transmitting the illegal CH authentication command to be different from each other. The requiredtime measurement section 32 measures each of times required after transmitting the illegal CH authentication command to theIC chip 25 until receiving response to the illegal CH authentication command from theIC chip 25 when the rates of transmission are caused to be different from each other by the communication control section 31. The operationtime calculation section 33 calculates an operation time required for execution of the illegal CH authentication command in theIC chip 25 on the basis of the required times measured by the time measurement section. The genuine/illegal authentication judgment section 34 can also judge genuine/illegal authentication of theIC chip 25 on the basis of the operation time calculated by the operationtime calculation section 33 when the illegal CH authentication command is used. - As described before, the control section 6 (see
FIG. 1 ) in the first embodiment and the control section 26 (seeFIG. 7 ) in the second embodiment have similar functions and basic configurations. Therefore, measurement of required times and calculation of an operation time are similar to those described in the first embodiment described before with the use ofFIG. 2 (the diagram illustrating a time required after thereader device 1 transmitting an authentication command (or an illegal authentication command) to theIC chip 5 until thereader device 1 receiving a response thereto). That is, as shown inFIG. 3( a), a required time T1 required when a CH authentication command has been transmitted at a base speed (for example, 106 kbps) is the sum total of an “operation time” required for execution of the CH authentication command in theIC chip 25 and “communication times” at the time of transmitting the CH authentication command and at the time of receiving a response. As shown inFIG. 3( b), a required time T2 required when the CH authentication command has been transmitted at a double speed (for example, 212 kbps) is the sum total of an “operation time” required for execution of the CH authentication command in theIC chip 25 and “communication times” at the time of transmitting the CH authentication command and at the time of receiving a response. In general, in the case of the same command, a “communication time” at a double speed is half a “communication time” at a base speed. Therefore, as shown inFIG. 3( c), the “communication time” at the base speed can be calculated as “(T1−T2)×2”, and the “operation time” can be calculated as “T1−(T1−T2)×2”. - Returning to
FIG. 7 , the description of the configuration of thereader device 21 will be continued. Thestorage section 27 stores data of an operation time for judging theIC chip 25 to be a genuine one and an operation time for judging theIC chip 25 to be a counterfeit one as data for genuine/counterfeit judgment of theIC chip 25, and the data is updated on the basis of a result of genuine/counterfeit judgment of theIC chip 25 by judgment means other than the genuine/counterfeit judgment section 34 (for example, genuine/counterfeit judgment using an image which includes a hologram mark or a magnetic stripe). Therefore, thecontrol section 26 is provided with adata update section 35 which updates the data for genuine/counterfeit judgment of theIC chip 25 stored in thestorage section 27. Thereader device 21 acquires the updated data from thesettlement center 29. As described before, thesettlement center 29 in the second embodiment is physically far away from thereader device 21 and connected to thereader device 21 via the Internet or a telephone line. In the second embodiment, communication between thereader device 21 and thesettlement center 29 is assumed to be wired communication. However, if thereader device 21 is a mobile terminal, wireless communication is also possible. Thereby, the data (the data for genuine/counterfeit judgment of the IC chip 25) stored in thestorage section 27 is appropriately updated, and the accuracy of genuine/counterfeit judgment of theIC chip 25 by the genuine/counterfeit judgment section 34 is improved. - As for update of the data for genuine/counterfeit judgment by the
data update section 35 also, the update does not differ from that of thedata update section 15 in the first embodiment (seeFIG. 1 ) so much and is similar to that described before with the use ofFIG. 4 . That is, as shown inFIG. 4( a), before the database is updated (for example, at the time of shipment), if the operation time calculated by the operationtime calculation section 33 is included within a predetermined range A (for example, such a rather wide range that distribution of the operation time of agenuine IC chip 25 is included), theIC chip 25 is judged to be a “genuine” one. However, there may be a case where the IC card 22 which is judged to be a “genuine” one by genuine/counterfeit judgment based on an operation time is judged to be a “counterfeit” one by other judgment means (for example, judgment means based on an image which includes a hologram mark or a magnetic stripe) (indicated by × marks inFIG. 4) . In such a case, the data for genuine/counterfeit judgment is updated so that a range where judgment of being a “genuine” one is made by the genuine/counterfeit judgment based on the operation time is updated to a range B narrower than an original range A (for example, a range after excluding the part where theIC chip 25 is judged to be a “counterfeit” one by the other judgment means), as shown inFIG. 4( b). - As for the point of judging whether the
IC chip 25 is a genuine or counterfeit one, using a different operation time for each generation of theIC chip 25, the point is similar to the description made with the use ofFIG. 5 in the first embodiment described before (a diagram showing an example of an operation time for each generation of the IC chip). That is, thestorage section 27 stores data of an operation time calculated in the case of agenuine IC chip 5 and an operation time calculated in the case of acounterfeit IC chip 25 for each generation of theIC chip 25. In the case of a first-generation IC chip 25, theIC chip 25 is judged to be a “genuine” one if an operation time calculated by the operationtime calculation section 33 is included within a predetermined range X. In the case of a second-generation IC chip 25, theIC chip 25 is judged to be a “genuine” one if an operation time calculated by the operationtime calculation section 33 is included within a predetermined range Y. In the case of a third-generation IC chip 25, theIC chip 25 is judged to be a “genuine” one if an operation time calculated by the operationtime calculation section 33 is included within a predetermined range Z. The generation of theIC chip 25 which should be mounted on an IC card 22 for which genuine/counterfeit judgment is to be performed can be known, for example, from a magnetic stripe (not shown) or a card number recorded in theIC chip 25. As for the information, a reference table may be registered with thestorage section 27, or an inquiry may be made to thesettlement center 29. - As for the operation of the
reader device 21 configured as described above, the operation is similar to that described with the use ofFIG. 6 (a flowchart illustrating a flow of the operation at the time of performing genuine/counterfeit judgment of an IC chip) in the first embodiment described before. That is, thereader device 21 measures a required time T1 required after transmitting a (legal) CH authentication command to theIC chip 25 at the base speed (S10) until receiving a response from the IC chip 25 (S11) first. Next, thereader device 21 measures a required time T2 required after transmitting the (legal) CH authentication command to theIC chip 25 at the double speed (S12) until receiving a response from the IC chip 25 (S13). - The
reader device 21 calculates an operation time Tc required for execution of the CH authentication command in theIC chip 25 from the required times T1 and T2 measured as described above (S14). Then, if the operation time Tc calculated as described above is not within a predetermined range specified for the generation corresponding to the IC chip 25 (S15), it is judged that theIC chip 25 is a “counterfeit” one, that is, the IC card 22 is a “counterfeit” one (S19). - On the other hand, if the operation time Tc is within the predetermined range specified for the generation corresponding to the IC chip 25 (S15), the above steps S10 to S14 are executed with the use of an illegal CH authentication command to calculate an operation time Tf (S16). Then, if a difference between the operation times “Tf−Tc” is small (S17), it is judged that the
IC chip 25 is a “genuine” one, that is, the IC card 22 is a “genuine” one (S18). On the other hand, if the difference between the operation times “Tf−Tc” is large (S17), it is judged that theIC chip 25 is a “counterfeit” one, that is, the IC card 22 is a “counterfeit” one (S19). - Though an example of transmitting a CH authentication command with the rate of transmission called “a base speed” and the CH authentication command with the different rate of transmission called “a double speed” has been described here, it may be also available of transmitting the CH authentication command with the rate of transmission called “a quad-speed” and the CH authentication command with the rate of transmission called “an 8× speed”.
- According to the
reader device 21 of the second embodiment described above, it is possible to calculate an operation time required for execution of a CH authentication command in theIC chip 25 of the IC card 22 with thereader device 21 to judge whether theIC chip 25 is a genuine or counterfeit one on the basis of the operation time, and, therefore, it is possible to perform genuine/counterfeit judgment of the IC card 22 in a short time. - That is, in the second embodiment, the rates of transmission (communication speeds) at the time of transmitting a CH authentication command to the
IC chip 25 are caused to be different from each other, and the required times T1 and T2 required after transmitting each of the plural CH authentication commands until receiving responses to the CH authentication commands are measured. Then, the operation time Tc required for execution of the authentication command in theIC chip 25 is calculated on the basis of the required times T1 and T2, and it is judged whether theIC chip 25 is a genuine or counterfeit one on the basis of this operation time Tc. According to thereader device 21 of the second embodiment, by using genuine/counterfeit judgment of theIC chip 25 according to the present invention in addition to genuine/counterfeit judgment means based on an image which includes a hologram mark or a magnetic stripe, it is possible to perform genuine/counterfeit judgment of an IC card 22 more certainly. - For example, the required time T1 required when the CH authentication command has been transmitted at the base speed (106 kbps) is measured first, and the required time T2 when the CH authentication command has been transmitted at the double speed (212 kbps) is measured next. In this case, “(T1−T2)×2” can be thought to be a communication time at the base speed, and an operation time Tc required for execution of the CH authentication command in the
IC chip 25 can be thought to be “T1−(T1−T2)×2”. If this operation time Tc is beyond a range of a value to be calculated in the case of agenuine IC chip 25, theIC chip 25 is judged to be a counterfeit one. - In the second embodiment, the rates of transmission (communication speeds) at the time of transmitting an illegal CH authentication command to the
IC chip 25 are caused to be different from each other, and required times T1 and T2 required after transmitting each of the plural illegal CH authentication commands until receiving response to the illegal CH authentication command are measured. Then, the operation time Tf required for execution of the illegal CH authentication command in theIC chip 25 is calculated on the basis of the required times T1 and T2, and it is judged whether theIC chip 25 is a genuine or counterfeit one on the basis of this operation time Tf and the above operation time Tc. - In general, in a
genuine IC chip 25, there is not a major difference between an operation time for processing an illegal CH authentication command has been transmitted and an operation time for processing a legal CH authentication command has been transmitted. On the other hand, in acounterfeit IC chip 5, there is a major difference between an operation time for processing an illegal CH authentication command has been transmitted and an operation time for processing a legal CH authentication command has been transmitted because of a reason that theIC chip 5 is not a special-purpose product (exclusive goods), or the like. Therefore, if there is a major difference between operation times, theIC chip 5 can be judged to be a counterfeit one. - The reason is as follows.
- One of methods of attacking the
IC chip 25 for a malicious third person to guess and steal important information such as key data implemented in theIC chip 25, is using variation of an operation time due to difference among key values Therefore, the provider (supplier) of theIC chip 25 improves a CH authentication command collation algorithm so that operation time difference among different key values or different password input values is reduced when releasing a new-generation IC chip. The latest-generation IC chip is securely managed by its provider (supplier) or a card company. If counterfeit occurs, the counterfeit IC card is made with the use of an old IC chip. Therefore, if a great difference occurs between operation times, theIC chip 25 is judged to be counterfeited with the use of an old-generation one. - On the contrary, the provider (supplier) of the
IC chip 25 may change the design of a new-generation IC chip so as to reduce power consumption of theIC chip 25. As a result, an operation time in the case where a CH authentication command has been transmitted to the new-generation IC chip may be longer than that of an old-generation IC chip. In that case also, operation time variation between the case where a legal CH authentication command has been transmitted to the new-generation IC chip and the case where an illegal CH authentication command has been transmitted to the new-generation IC chip is different from operation time variation of the old-generation IC chip. Therefore, even in such a case, it is possible to judge whether the IC card is a genuine IC card having a proper-generation IC chip or an IC card counterfeited with the use of an old-generation IC chip. Such data about the operation time variation for each generation may be stored in thestorage section 27 of thereader device 21. The data about the operation time variation for each generation may be updated by connection to thesettlement center 29, similarly to operation time data for each generation. - The embodiment of discriminating between a genuine IC card provided with a proper-generation IC chip, which is held by an legal holder, and an IC card counterfeited with the use of an old-generation IC chip, which is held by a malicious third person will be described in more detail.
-
FIG. 8 is a diagram about a case where the reader device reads a genuine IC card provided with a proper-generation IC chip 25A, which is held by a legal holder.FIG. 8( a) is a diagram illustrating a case where aconventional reader device 41 reads theIC card 22A, andFIG. 8( b) is a diagram illustrating a case where thereader device 21 of the second embodiment reads theIC card 22A. InFIG. 8 , it is assumed that the legal holder holds thegenuine IC card 22A which is card-holder-authenticated with a correct password n. It is assumed that theIC chip 25A used for thisgenuine IC card 22A is, for example, the third-generation IC chip 25A inFIG. 5 . The password n and a card number are stored in theIC chip 25A. Thereader device 21 judges that the third-generation IC chip should be mounted on theIC card 22A from the card number stored in theIC chip 25A by referring to a reference table stored in thestorage section 27, which is not shown. - In
FIG. 8( a), theconventional reader device 41 transmits a legal CH authentication command which includes legal encrypted data f(n) obtained by performing certain mathematical processing for the password n, to thegenuine IC card 22A first. In the proper-generation IC chip 25A provided for theIC card 22A, the same function f as is stored in theconventional reader device 41 is stored in advance. Then, the proper-generation IC chip 25A provided for theIC card 22A collates the encrypted data f(n) which is included in the transmitted legal CH authentication command with data f(n) obtained from the password n stored inside the chip with the use of the function f. In this case, f(n)=f(n) is obtained as a matter of course, and, therefore, thegenuine IC card 22A performs transmission to the effect that a result of the collation of the password of thisgenuine IC card 22A indicates that the password is correct. As described above, theconventional reader device 41 judges that thegenuine IC card 22A provided with thelegal IC chip 25A is held by a legal holder, from the correct password n. Then, it becomes possible to perform subsequent credit settlement or payment with electronic money by theconventional reader device 41. - If a password inputted to the
PIN pad 23 is not the correct password n but a wrong password m, theconventional reader device 41 transmits a legal CH authentication command which includes legal encrypted data f(m) obtained by performing certain mathematical processing for the password m, to thegenuine IC card 22A. Then, the proper-generation IC chip 25A provided for theIC card 22A collates the encrypted data f(m) which is included in the transmitted legal CH authentication command with data f(m) obtained from the password n stored inside the chip with the use of the function f. In this case, f(m)≠f(n) is obtained as a matter of course (that is, f(m)=f(n) is not obtained), and, therefore, thegenuine IC card 22A performs transmission of the effect that a result of the collation of the password of thisgenuine IC card 22A indicates that the password is not correct, to theconventional reader device 41. - In comparison, the
reader device 21 of the second embodiment inFIG. 8( b) can also transmit an illegal CH authentication command to be described below to thegenuine IC card 22A, in addition to transmitting a legal CH authentication command (corresponding to steps S21 to S23 inFIG. 9 to be described later) in a procedure similar to that shown inFIG. 8( a). Thereader device 21 may generate illegal encrypted data to be included in this illegal CH authentication command by replacing the correct password n with another password q or by replacing the predetermined function f with another function k. Furthermore, thereader device 21 may generate the illegal encrypted data to be included in this illegal CH authentication command by replacing both of them (corresponding to step S25 inFIG. 9 to be described later). - Then, the
reader device 21 may transmit the illegal CH authentication command to theIC card 22A, for example, at a timing described below.FIG. 9 is a flowchart of a process after a password is inputted to thePIN pad 23 of thereader device 21 until card holder authentication and genuine/counterfeit judgment of an IC card are performed. - When a password p (p=n is obtained if the password p is a correct password) is inputted from the PIN pad 23 (step S21), the
reader device 21 generates encrypted data f(p) using the password p (step S22). Then, thereader device 21 transmits a CH authentication command which includes the encrypted data f(p) (step S23). That is, thereader device 21 transmits a CH authentication command which includes encrypted data which has been generated with the use of the password p inputted from thePIN pad 23 before transmitting an illegal CH authentication command. Then, thereader device 21 confirms whether the password p inputted to thePIN pad 23 is a correct password n or not, that is, whether p=n is obtained or not from a response of theIC card 25A (step S24). If p≠n is obtained, thereader device 21 prompts a person who inputted the password to input a correct password and waits for a password p to be inputted again. If p=n is obtained, the encrypted data f(p) which has been generated with the use of the password p is legal encrypted data f(n). - At this step, if it can be confirmed that the password p inputted with the use of the
PIN pad 23 is the correct password n, thereader device 21 may perform transmission using the legal CH authentication command which includes the legal encrypted data f(n) again at a different rate of transmission. Then, thereader device 21 may derive the operation time (“cal-t” inFIG. 8( b)) of theIC chip 25A mounted on theIC card 22A by the calculation method described before (seeFIG. 6) on the basis of two response signals from theIC card 22A to the two transmissions at the different rates of transmission. Thereby, thereader device 21 can perform a part of genuine/counterfeit judgment of theIC card 22A at this point of time. The generation of theIC chip 25A which should be mounted on theIC card 22A targeted by the genuine/counterfeit judgment can be known to be, for example, the third generation from a card number stored in theIC chip 25A. Therefore, thereader device 21 can check whether the operation time (“cal-t” inFIG. 8( b)) derived by transmitting of the two legal CH authentication commands at the different rates of transmission is included, for example, within a “range Z where judgment of being a genuine one is made for the third generation” inFIG. 5 . Since theIC chip 25A of theIC card 22A shown inFIG. 8 is of the third generation, an operation time derived by the calculation is to be within this range Z (that is, “cal-t: 3G” is obtained inFIG. 8( b)). - If the IC card proves to be a counterfeit one at this stage, the
reader device 21 may put an end to the genuine/counterfeit judgment process at this point of time and disable the IC card immediately. However, thereader device 21 in the second embodiment further performs a procedure to be described later to make sure that the genuine/counterfeit judgment is completely performed. By the procedure to be described later, thereader device 21 can derive the operation time of theIC card 22A using an illegal CH authentication command. Then, thereader device 21 can determine a difference between this operation time derived with the use of the illegal CH authentication command (“cal-t” inFIG. 8( b)) and the operation time derived with the use of the legal CH authentication command before, that is, a “variation between the operation times” (“cal-Δt” inFIG. 8( b)). Due to each operation time and the “variation between the operation times”, thereader device 21 can perform genuine/counterfeit judgment of theIC card 22A more certainly. - That is, the
reader device 21 transmits an illegal CH authentication command which includes illegal encrypted data generated in the method described before, for example, any of f(q), k(n) and k(q) next (step S25). Each illegal CH authentication command is also transmitted twice at different rates of transmission. It is desirable that multiple sets of illegal CH authentication commands are transmitted because of the reason to be described later. Then, thereader device 21 can derive the operation time (“cal-t” inFIG. 8( b)) of theIC chip 25A mounted on theIC card 22A by the calculation method described before (seeFIG. 6) using response signals to the transmissions of the illegal CH authentication commands. Thereader device 21 may, not only decide genuine/counterfeit judgment of theIC card 22A at this step, but also further determines a “difference between operation times” (“cal-tΔ” inFIG. 8( b)) to completely perform the genuine/counterfeit judgment. The “difference between operation times” means each of differences among the operation times obtained by transmitting these illegal CH authentication commands (“cal-t” inFIG. 8( b)) and the operation time derived with the use of the legal CH authentication command before. - As described before, in a
genuine IC chip 25A, there is not a major difference (a difference, that is, “cal-Δt” inFIG. 8( b)) between an operation time for processing an illegal CH authentication command has been transmitted and an operation time for processing a legal CH authentication command has been transmitted. On the other hand, in an illegal IC chip, there is a major difference between an operation time for processing an illegal CH authentication command has been transmitted and an operation time for processing a legal CH authentication command has been transmitted. Therefore, if there is a major difference between operation times due to the difference between CH authentication commands, the IC card mounted with the IC chip can be judged to be a counterfeit one. In thereader device 21 of the second embodiment, data according to generations about the “difference between operation times” is stored in thestorage section 27 in addition to the data about the “operation time” of the IC chip according to generations as shown inFIG. 5 . Thereader device 21 identifies the generation of the IC chip that is supposed to be mounted by the data according to generations, and, if the “difference between operation times” is included within a permissible range of the IC chip of the generation (that is, “cal-Δt: 3G” inFIG. 8( b)), the IC card mounted with the IC chip is judged to be a genuine one (“genuine” inFIG. 8( b)). If the “difference between operation times” is beyond the permissible range (that is, in the case of “cal-Δt: not 3G”), it is judged that there is a possibility that the IC card was counterfeited (“counterfeit”). - As described above, the
reader device 21 performs genuine/counterfeit judgment on the basis of the “operation time” (“cal-t” inFIG. 8( b)) of theIC chip 25A obtained by transmission of the CH authentication command and the “difference between operation times” (“cal-Δt” inFIG. 8( b)), which have been described above (step S26). If it cannot be confirmed that theIC card 22A is a genuine IC card, thereader device 21 makes a notification to the effect that there is a suspicion that a counterfeit IC card is used (step S27) and ends the process flow. If thereader device 21 has multiple display sections, the display may be displayed only for the operator of the reader device without being displayed to the holder of the IC card. Thereader device 21 may notify thesettlement center 29 to that effect. Thereby, other reader devices which perform communication with thesettlement center 29 after the notification also do not perform subsequent account settlement by credit or payment by electronic money by the counterfeit IC card, and it is possible to prevent the malicious third person from illegally using the IC card. - If the
reader device 21 can confirm that theIC card 22A is a genuine IC card, it transmits legal card holder authentication which includes the legal encrypted data f(n) generated from the legal password again at the end. Then, thereader device 21 receives a response signal which confirms that access has been performed with the correct password n, from theIC card 22A and ends the process flow. (In order to clarify a relationship withFIG. 8( b) explained before, each step inFIG. 9 described before is also described inFIG. 8( b)). - As described above, the reason why the
reader device 21 is set so as to, when judging theIC card 22A to be a genuine one, necessarily transmit the CH authentication command which includes the legal encrypted data f(p) both before and after performing genuine/counterfeit judgment of theIC chip 25A is as follows. - Usually, an upper limit of the number of times of password collation is specified for the
IC card 22A. If thereader device 21 is set so as to transmit a CH authentication command which includes legal encrypted data f(p) only after performing genuine/counterfeit judgment of theIC chip 25A, a trouble as shown below occurs. In the case of an illegal CH authentication command used in genuine/counterfeit judgment of an IC chip, a collation result is certainly not correct. Therefore, the genuine/counterfeit judgment of theIC chip 25A itself leads to reduction in the number of times that password collation can be performed. Then, at the point of time when the genuine/counterfeit judgment of theIC chip 25A has ended, theIC card 22A is in a state that the number of times of password collation comes near to the upper limit, and the remaining number of times that collation can be performed is not sufficient. Therefore, if a CH authentication command based on a wrong password m is transmitted from thereader device 21 to theIC card 22A in that state, there is a possibility that the number of times of collation of theIC card 22A exceeds the upper limit. - If the
reader device 21 is set so as to transmit a CH authentication command which includes legal encrypted data f(p) only before performing genuine/counterfeit judgment of theIC chip 25A, a trouble as shown below occurs. That is, due to an illegal CH authentication command used in genuine/counterfeit judgment of theIC chip 25A performed after that, theIC card 22A ends communication with thereader device 21 while the state continues that the number of times of password collation comes near to the upper limit, and the remaining number of times that collation can be performed is not sufficient. If a password inputted to thePIN pad 23 is wrong at the time of causing theIC card 22A to communicate with thereader device 21 after having passed for several days or hours (after the lapse of days or hours), there is also a possibility that the number of times of collating the password of theIC card 22A exceeds the upper limit at that point of time. Therefore, thereader device 21 is set so as to, when judging that theIC card 22A to be a genuine one, be sure to transmit the CH authentication command which includes the legal password data f(n) not only before performing genuine/counterfeit judgment of theIC chip 25A but also after performing the genuine/counterfeit judgment. Thereby, by transmitting the CH authentication command which includes the legal password data f(n) after performing the genuine/counterfeit judgment of theIC card 22A also, the number of times that password collation can be performed can be reset to a maximum value. Then, the holder of theIC card 22A can use theIC card 22A similarly as before without an uncomfortable feeling. - It was stated that it is desirable to use multiple sets of illegal CH authentication commands in genuine/counterfeit judgment of an
IC card 22A. As for this, however, there is a point to be noted. When calculating an operation time at the time of genuine/counterfeit judgment of anIC card 22A, thereader device 21 transmits two CH authentication commands at different rates of transmission each other as described before. Therefore, when multiple sets of illegal CH authentication commands are successively used, twice the number of illegal CH authentication commands are successively transmitted actually. Then, there is a possibility that theIC card 22A is disabled before completion of the genuine/counterfeit judgment. Therefore, it is preferable to, when transmitting multiple sets of illegal CH authentication commands at the time of genuine/counterfeit judgment, transmit a legal CH authentication command between two different sets of illegal CH authentication commands. In this case, it is not necessary to transmit the legal CH authentication command twice at different rates of transmission. It is sufficient to transmit the legal CH authentication command once at any communicate rate. Otherwise, transmission of a legal CH authentication command generated from the same password as the password confirmed to be correct first (steps S21 to S23) at different rates of transmission may be performed between the two different sets of illegal CH authentication commands. In that case, immediately after the password is confirmed first (steps S21 to S23), the transmission of the legal CH authentication command generated from the same password at different rates of transmission may not be performed. Thereby, thereader device 21 can effectively perform genuine/counterfeit judgment of theIC card 22A without unnecessarily increasing the number of times of transmitting the CH authentication command. Anyway, the number of times that password collation of theIC card 22A can be performed is reset to a maximum value by the transmission of the legal CH authentication command. Then, the number of times of collating the password of theIC card 22A never exceeds an upper limit, and it is possible to prevent thegenuine IC card 22A held by a legal holder from being disabled. - Also for genuine/counterfeit judgment of an
illegal IC card 22B to be described later with the use ofFIG. 10 , it is desirable that multiple sets of illegal CH authentication commands are used and a legal CH authentication command is transmitted between two illegal CH authentication commands at each of multiple sets of the illegal CH authentication commands. It is not known whether an IC card targeted by genuine/counterfeit judgment is a genuine or counterfeit one until the genuine/counterfeit judgment is completed. Therefore, even if the IC card is anillegal IC card 22B, it must be treated similarly to a genuine IC card until the genuine/counterfeit judgment is completed. - The
IC chip 25A mounted on theIC card 22A is known to be of a proper generation from the above procedure. Then, theIC card 22A mounted with theIC chip 25A is proved to be a genuine IC card. As described above, thereader device 21 of the second embodiment judges that thegenuine IC card 22A provided with thelegal IC chip 25A is held by a legal holder, from the correct password n. Then, it becomes possible to perform subsequent credit settlement or payment with electronic money by thereader device 21. -
FIG. 10 is a diagram about a case where a reader device reads anIC card 22B counterfeited by a malicious third person with the use of an old-generation IC chip 25B.FIG. 10( a) is a diagram illustrating a case where theconventional reader device 41 reads theIC card 22B, andFIG. 10( b) is a diagram illustrating a case where thereader device 21 of the second embodiment reads theIC card 22B. InFIG. 10 , it is assumed that the malicious third person holds thecounterfeit IC card 22B which is card-holder-authenticated with a password r. Usually, since the malicious third person cannot know the password n of anIC card 22A held by a legal holder, he or she sets an arbitrary password r for thecounterfeit IC card 22B. A third-generation IC chip, which is the latest IC chip in this case, is securely managed by a card company or the like, and it is difficult to steal the third-generation IC chip. Therefore, it is assumed that theIC chip 25B used for thiscounterfeit IC card 22B is, for example, the second-generation IC chip inFIG. 5 . The malicious third person stores a card number in theIC chip 25B in addition to the password r. The card number is the same as that of thegenuine IC card 22A inFIG. 8 . Therefore, thereader device 21 inFIG. 10 judges that a third-generation IC chip should be mounted on theIC card 22B from the card number stored in theIC chip 25B by referring to the reference table stored in thestorage section 27 which is not shown. - In
FIG. 10( a), theconventional reader device 41 transmits a legal CH authentication command which includes legal encrypted data f(r) obtained by performing certain mathematical processing for the password r, to thecounterfeit IC card 22B first. In the old-generation IC chip 25B provided for theIC card 22B, the same function f as is stored in theconventional reader device 41 is stored in advance. Then, the old-generation IC chip 25B provided for theIC card 22B collates the encrypted data f(r) which is included in the transmitted legal CH authentication command with data f(r) obtained from the password n stored inside the chip with the use of the function f. In this case, f(r)=f(r) is obtained as a matter of course, and, therefore, theold IC chip 25B performs transmission to the effect that a result of the collation of the password of thiscounterfeit IC card 22B indicates that the password is correct, to theconventional reader device 41. As a result, theconventional reader device 41 cannot find out that thecounterfeit IC card 22B provided with theillegal IC chip 25B is a counterfeit IC card held by a malicious third person and wrongly judges that theIC card 22B is held by a legal holder. Then, it becomes possible to perform subsequent credit settlement or illegal payment with electronic money by theconventional reader device 41. - Since a case where a password inputted to the
PIN pad 23 is not the password r but a wrong password is similar to the case described with the use ofFIG. 8( a), details thereof is omitted. - In comparison, the
reader device 21 of the second embodiment inFIG. 10( b) can also transmit an illegal CH authentication command to be described below to thecounterfeit IC card 22B, in addition to transmitting a legal CH authentication command (corresponding to steps S21 to S23 inFIG. 9) in a procedure similar to that shown inFIG. 10( a). Thereader device 21 may generate illegal encrypted data to be included in this illegal CH authentication command by replacing the correct password n with another password q or by replacing the predetermined function f with another function k. Furthermore, thereader device 21 may generate the illegal encrypted data to be included in this illegal CH authentication command by replacing both of them (corresponding to step S25 inFIG. 9) . - Similar to the foregoing description for
FIGS. 8 and 9 , when thereader device 21 judges theIC card 22B to be a genuine one, thereader device 21 is set so as to necessarily transmit the CH authentication command which includes the legal encrypted data f(p=r) both before and after performing genuine/counterfeit judgment of theIC chip 25B. - In comparison, the
reader device 21 inFIG. 10( b) uses a procedure described below. That is, when a password p (p=r is obtained if the password p is a correct password) is inputted from the PIN pad 23 (step S21), thereader device 21 generates encrypted data f(p) using the password p first (step S22). Then, thereader device 21 transmits a CH authentication command which includes the encrypted data f(p) (step S23). That is, thereader device 21 transmits a CH authentication command which includes encrypted data which has been generated with the use of the password p inputted from thePIN pad 23 before transmitting an illegal CH authentication command. Then, thereader device 21 confirms whether the password p inputted to thePIN pad 23 is a correct password r or not, that is, whether p=r is obtained or not from a response of theIC card 25B (step S24). If p≠r is obtained, thereader device 21 prompts a person who inputted the password to input a correct password and waits for a password p to be inputted again. If p=r is obtained, the encrypted data f(p) which has been generated with the use of the password p is the legal encrypted data f(r). - At this time, if it can be confirmed that the password p inputted with the use of the
PIN pad 23 is the correct password r, thereader device 21 may perform transmission using the legal CH authentication command which includes the legal encrypted data f(r) again at a different rate of transmission. Then, thereader device 21 may derive the operation time (“cal-t” inFIG. 10( b)) of theIC chip 25B mounted on theIC card 22B by the calculation method described before (seeFIG. 6) on the basis of two response signal from theIC card 22B to the two transmissions at different rates of transmission. Thereby, thereader device 21 can perform a part of genuine/counterfeit judgment of theIC card 22B at this step. The generation of theIC chip 25B which should be mounted on theIC card 22B targeted by the genuine/counterfeit judgment can be known to be, for example, the third generation from a card number stored in theIC chip 25B. Therefore, thereader device 21 can check whether the operation time (“cal-t” inFIG. 10( b)) derived by transmitting of the two legal CH authentication commands at the different rates of transmission is included, for example, within a “range Z where judgment of being a genuine one is made for the third generation” inFIG. 5 . However, since theIC chip 25B of theIC card 22B shown inFIG. 10 is of the second generation, an operation time derived by the calculation is not to be within this range Z (that is, “cal-t: not 3G” is obtained inFIG. 10( b)). - If the
IC card 22B proves to be a counterfeit one at this step, thereader device 21 may put an end to the genuine/counterfeit judgment process and disable theIC card 22B immediately. However, thereader device 21 in the second embodiment further performs a procedure to be described later to make sure that the genuine/counterfeit judgment is completely performed. By the procedure to be described later, thereader device 21 can derive the operation time of theIC card 22B using an illegal CH authentication command. Then, thereader device 21 can determine a difference between the operation time (“cal-t) inFIG. 10( b)) and the operation time derived with the use of the legal CH authentication command before, that is, a “difference between the operation times” (“cal-Δt” inFIG. 10( b)). Due to each operation time and the “difference between the operation times”, thereader device 21 can perform genuine/counterfeit judgment of theIC card 22B more certainly. - That is, the
reader device 21 transmits an illegal CH authentication command which includes illegal encrypted data generated in the method described before, for example, any of f(q), k(n) and k(q) next (step S25). Each illegal CH authentication command is also transmitted twice at different rates of transmission. It is desirable that multiple sets of illegal CH authentication commands are transmitted because of the reason described before. Then, thereader device 21 can derive the operation time (“cal-t” inFIG. 10( b)) of theIC chip 25B mounted on theIC card 22B by the calculation method described before (seeFIG. 6) using response signals to transmissions of the illegal CH authentication commands. Thereader device 21 may, not only decide genuine/counterfeit judgment of theIC card 22B at this step, but also further determines a “difference between operation times” (“cal-tΔ” in FIG. 10(b)) to completely perform the genuine/counterfeit judgment. The “difference between operation times” means each of differences among the operation times obtained by transmitting these illegal CH authentication commands (“cal-t” inFIG. 10( b)) and the operation time derived with the use of the legal CH authentication command before. - As described before, in an
illegal IC chip 25B, there is a major difference (a difference, that is, “cal-Δt” inFIG. 10( b)) between an operation time for processing an illegal CH authentication command has been transmitted and an operation time for processing a legal CH authentication command has been transmitted. TheIC card 22B mounted with theIC chip 25B can be judged to be a counterfeit one. In thereader device 21 of the second embodiment, data according to generations about the “difference between operation times” is stored in thestorage section 27 in addition to the data about the “operation time” of the IC chip according to generations as shown inFIG. 5 . Only by genuine/counterfeit judgment by “operation times”, thereader device 21 may wrongly judge that the generation of theIC chip 25B that is supposed to be mounted on theIC card 22B is the third generation. However, if the “difference between operation times” is not included within the permissible range of the generation of the IC chip (that is, in the case of “cal-Δt: not 3G” inFIG. 10( b)), thereader device 21 can correctly judge that there is a possibility that the IC card was counterfeited (“counterfeit” inFIG. 10( b)). As described above, thereader device 21 can perform genuine/counterfeit judgment of theIC card 22B more certainly. - As described above, the
reader device 21 performs genuine/counterfeit judgment on the basis of the “operation time” (“cal-t” inFIG. 10( b)) of theIC chip 25B obtained by transmission of CH authentication commands and the “difference between operation times” (“cal-Δt” inFIG. 10( b)) (step S26), and can judge that theIC card 22B is a counterfeit one. That is, thereader device 21 finds out that theIC chip 25B mounted on theIC card 22B is not of the proper third-generation and judges that there is a strong possibility that theIC card 22B mounted with theIC chip 25B is a counterfeit IC card. Thereader device 21 of the second embodiment does not judge whether theIC card 22B which is provided with anillegal IC chip 25B is counterfeit or not only by the password r set arbitrarily by a malicious third person. That is, by performing genuine/counterfeit judgment using CH authentication commands at different rates of transmission, thereader device 21 can find out that thisIC card 22B is a counterfeit one (corresponding to “NO” at step S26 inFIG. 9) . Then, subsequent settlement by credit or payment by electronic money is not performed by thereader device 21, and illegal use of theIC card 22B by the malicious third person is prevented. - In addition, the
reader device 21 can take means for preventing thecounterfeit IC card 22B from further being used. As described before, thereader device 21 is set so as to, if theIC card 22B is a genuine one, necessarily transmit a CH authentication command which includes legal encrypted data f(p=r) both before and after genuine/counterfeit judgment of theIC chip 25B. However, if judging there is a suspicion that that theIC card 22B is counterfeited, thereader device 21 does not have to perform transmission of the CH authentication command which includes the legal encrypted data f(p=r) after genuine/counterfeit judgment of theIC chip 25B. Then, after genuine/counterfeit judgment of theIC chip 25B, thereader device 21 may further transmit an illegal authentication command so that the number of times of collating the password of theIC card 22B exceeds an upper limit (step S30 inFIG. 9 ). That is, thereader device 21 sets the number of successive transmissions of the illegal CH authentication command in this case larger than that in the case of judging an IC card to be a genuine one (“more command(s) inFIG. 10( b)). if thereader device 21 ends the process after receiving a collation result of NG and a notification that theIC chip 25B has been made unavailable (“unavailable” inFIG. 10( b)) from theIC chip 25B of the IC card 22 b, the process is performed more completely. As the illegal CH authentication command used then, the illegal CH authentication command already generated at the time of genuine/counterfeit judgment (step 25) may be used. Thereby, thereader device 21 can shorten the time required to generate a new illegal CH authentication command and can make theIC card 22B unavailable quickly and certainly. Anyway, theIC card 22B is made unavailable at that step and can never be used again. Even if a malicious third person attempts to use anIC card 22B again with aconventional reader device 41 after using theIC card 22B with areader device 21 of the second embodiment and running away because it is nearly found that theIC card 22B is a counterfeit one, it is possible to prevent the malicious person from doing it. Then, it is possible to reduce spread of damage due to illegal use of the IC card. - There is a possibility that an operation time derived by calculation as a result of the genuine/counterfeit judgment by transmission of the illegal CH authentication command is included, for example, within the overlapped area of the “range Z where judgment of being a genuine one is made for the third generation” and the “range Y where judgment of being a genuine one is made for the second generation”. Thus, since a derived operation time may be included within a overlapped area where plural generation-ranges overlap, multiple illegal CH authentication commands are prepared so that multiple sets are transmitted to the
IC card 22B as described before (of course, the number of times of the transmission should be set within a range where the upper limit of the number of times of password collation held by theIC card 22B). Thereby, it can be expected that at least one of the operation times derived by calculation as a result of the genuine/counterfeit judgment by transmissions of the illegal CH authentication command is included within a area where plural generation-ranges do not overlap. - Furthermore, even if all operation times derived by calculation are included within a area where plural generation-ranges overlap, as a result of genuine/counterfeit judgment by transmission of multiple sets of illegal CH authentication commands, it is possible to judge that “there is a suspicion of a counterfeit IC card”. If a correct password is used for a genuine IC chip, a derived operation time is not so far away from the center of the “range where judgment of being a genuine one is made” shown in
FIG. 4 or 5. Of course, as described before, the method of determining a difference between an operation time in the case where a legal CH authentication command has been transmitted with the use of a correct password and an operation time in the case where an illegal CH authentication command has been transmitted, that is, a “difference between operation times” exists. It is possible to judge that “there is a suspicion of a counterfeit IC card” if the difference between operation times is equal to or above a threshold set in advance. - Furthermore, the
IC cards FIGS. 8 to 10 of the second embodiment can be applied to the first embodiment. - The second embodiment of the present invention has been described as an example. However, the scope of the present invention is not limited thereto but can be changed or modified according to purposes within the scope described in the claims. In the present embodiment, a passport or an IC card has been taken as an example of an information storage medium. However, other information storage medium, for example, a driver's license is also possible. Furthermore, though an operation time required for judging whether access to the information storage medium is to be authenticated or not and a card number as management information stored in the information storage medium are used as characteristic points the information storage medium has, the scope of the present invention is not limited thereto. For example, biometric authentication information may be used as management information and used as a characteristic point together with an operation time required for calculating whether the biometric information is genuine or counterfeit information. Furthermore, though the same authentication command is transmitted at different rates of transmission to extract the characteristic points in the present embodiment, the scope of the present invention is not limited thereto. For example, means such as changing a modulation method may be used.
- The preferable embodiments of the present invention which are conceivable at present have been described. It is understood that various variations of the present embodiments are possible, and it is intended that all such variations within the true spirit and scope of the present invention are included in accompanying claims.
- As described above, the reader device according to the present invention has an advantage of capable of performing genuine/counterfeit judgment of a form or a card in a short time, and the reader device is useful as a passport reader provided with a function of discriminating a counterfeit passport, an IC card reader/writer provided with a function of discriminating a counterfeit IC credit card and a data processing apparatus, such as a settlement terminal, mounted with the IC card reader/writer.
-
- 1, 21 reader device
- 2 passport
- 3 photographing section
- 4 wireless communication IF section
- 5, 25, 25A, 25B IC chip
- 6, 26 control section
- 7, 27 storage section
- 8 computer apparatus
- 9 database section
- 10, 30 wired communication IF section
- 11 transmission control section
- 12, 32 required time measurement section
- 13, 33 operation time calculation section
- 14, 34 genuine/counterfeit judgment section
- 15, 35 data update section
- 22, 22A, 22B IC card
- 23 PIN pad
- 24 short distance communication IF section
- 29 settlement center
- 30 long distance communication IF section
- 31 communication control section
Claims (12)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2012-036000 | 2012-02-22 | ||
JP2012036000 | 2012-02-22 | ||
PCT/JP2013/001028 WO2013125245A1 (en) | 2012-02-22 | 2013-02-22 | Reader device, data processing device equipped with same, and authenticity determination method |
Publications (2)
Publication Number | Publication Date |
---|---|
US20140138438A1 true US20140138438A1 (en) | 2014-05-22 |
US9016568B2 US9016568B2 (en) | 2015-04-28 |
Family
ID=49005439
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/234,471 Expired - Fee Related US9016568B2 (en) | 2012-02-22 | 2013-02-22 | Reader device, data processing apparatus mounted with the same and genuine/counterfeit judgment method |
Country Status (3)
Country | Link |
---|---|
US (1) | US9016568B2 (en) |
JP (1) | JP6065284B2 (en) |
WO (1) | WO2013125245A1 (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3039490A4 (en) * | 2013-08-30 | 2016-08-31 | Hewlett Packard Development Co | Supply authentication via timing challenge response |
US20180189772A1 (en) * | 2016-12-31 | 2018-07-05 | Square, Inc. | Predictive data object acquisition and processing |
US10044710B2 (en) | 2016-02-22 | 2018-08-07 | Bpip Limited Liability Company | Device and method for validating a user using an intelligent voice print |
US10621590B2 (en) | 2017-02-22 | 2020-04-14 | Square, Inc. | Line-based chip card tamper detection |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10460326B2 (en) | 2017-10-24 | 2019-10-29 | Global Circuit Innovations, Inc. | Counterfeit integrated circuit detection by comparing integrated circuit signature to reference signature |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6527173B1 (en) * | 1999-03-30 | 2003-03-04 | Victor Company Of Japan, Ltd. | System of issuing card and system of certifying the card |
US20050138303A1 (en) * | 2003-12-19 | 2005-06-23 | Hideki Nagino | Storage device |
US20060049259A1 (en) * | 1999-09-22 | 2006-03-09 | Sony Corporation | Information processing system, hand held cellular phone, and information processing method |
US7337957B2 (en) * | 2002-03-04 | 2008-03-04 | Sony Corporation | Authentication system authentication method authentication medium manufacturing device and authentication terminal device |
US20090302120A1 (en) * | 2006-09-26 | 2009-12-10 | Kunio Omura | RFID information medium and article to which the medium is attached |
US20100327056A1 (en) * | 2007-11-28 | 2010-12-30 | Susumu Yoshikawa | Payment approval system and method for approving payment for credit card |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS61139873A (en) | 1984-12-13 | 1986-06-27 | Casio Comput Co Ltd | Authorization system |
US5549953A (en) | 1993-04-29 | 1996-08-27 | National Research Council Of Canada | Optical recording media having optically-variable security properties |
JP2515250B2 (en) | 1993-12-28 | 1996-07-10 | 遠藤 智彦 | Document appraiser |
US5568251A (en) | 1994-03-23 | 1996-10-22 | National Research Council Of Canada | Authenticating system |
FR2733379B1 (en) | 1995-04-20 | 1997-06-20 | Gemplus Card Int | PROCESS FOR GENERATING ELECTRONIC SIGNATURES, ESPECIALLY FOR SMART CARDS |
JP4349323B2 (en) | 2005-05-17 | 2009-10-21 | 株式会社デンソーウェーブ | Communication device and communication synchronization state determination method |
JP4322899B2 (en) | 2006-07-26 | 2009-09-02 | 武藤工業株式会社 | Printing apparatus and printing method |
-
2013
- 2013-02-22 JP JP2013526264A patent/JP6065284B2/en active Active
- 2013-02-22 WO PCT/JP2013/001028 patent/WO2013125245A1/en active Application Filing
- 2013-02-22 US US14/234,471 patent/US9016568B2/en not_active Expired - Fee Related
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6527173B1 (en) * | 1999-03-30 | 2003-03-04 | Victor Company Of Japan, Ltd. | System of issuing card and system of certifying the card |
US20060049259A1 (en) * | 1999-09-22 | 2006-03-09 | Sony Corporation | Information processing system, hand held cellular phone, and information processing method |
US7337957B2 (en) * | 2002-03-04 | 2008-03-04 | Sony Corporation | Authentication system authentication method authentication medium manufacturing device and authentication terminal device |
US20050138303A1 (en) * | 2003-12-19 | 2005-06-23 | Hideki Nagino | Storage device |
US20090302120A1 (en) * | 2006-09-26 | 2009-12-10 | Kunio Omura | RFID information medium and article to which the medium is attached |
US20100327056A1 (en) * | 2007-11-28 | 2010-12-30 | Susumu Yoshikawa | Payment approval system and method for approving payment for credit card |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3039490A4 (en) * | 2013-08-30 | 2016-08-31 | Hewlett Packard Development Co | Supply authentication via timing challenge response |
US10044710B2 (en) | 2016-02-22 | 2018-08-07 | Bpip Limited Liability Company | Device and method for validating a user using an intelligent voice print |
US20180189772A1 (en) * | 2016-12-31 | 2018-07-05 | Square, Inc. | Predictive data object acquisition and processing |
US10970708B2 (en) * | 2016-12-31 | 2021-04-06 | Square, Inc. | Predictive data object acquisition and processing |
US10621590B2 (en) | 2017-02-22 | 2020-04-14 | Square, Inc. | Line-based chip card tamper detection |
US11113698B2 (en) | 2017-02-22 | 2021-09-07 | Square, Inc. | Line-based chip card tamper detection |
US11669842B2 (en) | 2017-02-22 | 2023-06-06 | Block, Inc. | Transaction chip incorporating a contact interface |
Also Published As
Publication number | Publication date |
---|---|
US9016568B2 (en) | 2015-04-28 |
JP6065284B2 (en) | 2017-01-25 |
JPWO2013125245A1 (en) | 2015-07-30 |
WO2013125245A1 (en) | 2013-08-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR101330867B1 (en) | Authentication method for payment device | |
US9016568B2 (en) | Reader device, data processing apparatus mounted with the same and genuine/counterfeit judgment method | |
KR101915676B1 (en) | Card settlement terminal and card settlement system | |
CN108292335B (en) | Biometric device | |
JP2010537334A (en) | Method and apparatus using operation mode for preventing unauthorized use of non-contact portable device by owner | |
US20100280955A1 (en) | Systems and methods for verifying identity | |
CN102375941A (en) | Method and system for validating chip validity by utilizing graphical chip | |
JP2015525386A (en) | Payment device, payment system, and payment method | |
WO2015101166A1 (en) | Method for detecting false card risk and transaction processing system for implementing same | |
JP2015088080A (en) | Authentication system, authentication method, and program | |
JP4050695B2 (en) | Fingerprint inspection method | |
US20200320535A1 (en) | Method for securing an electronic device and corresponding electronic device | |
CA2851898A1 (en) | Biometric-based transaction fraud detection | |
CN105184563A (en) | Safe processing method and apparatus for NFC (Near Field Communication) chip | |
US11403639B2 (en) | Method of auto-detection of an attempted piracy of an electronic payment card, corresponding card, terminal and program | |
US20190156340A1 (en) | Method of dispatching an item of security information and electronic device able to implement such a method | |
CN105580039B (en) | System and method for providing card payment service using smart device | |
TWI627551B (en) | System and method for verifying non-contact sensing tags | |
US11803837B2 (en) | Intelligent real time card alert system to detect suspicious contactless card reader | |
US7971785B2 (en) | Method for authenticating micro-processor cards, corresponding micro-processor card, card reader terminal and programs | |
US20170364907A1 (en) | Method for sending security information | |
JP5231320B2 (en) | Transaction system and management method thereof | |
CN102893285A (en) | System and method for checking the authenticity of the identity of a person accessing data over a computer network | |
JP5322788B2 (en) | Information processing apparatus, information processing method, and program | |
CN110675140A (en) | Payment information processing method, device, equipment and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: PANASONIC CORPORATION, JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:WAKAO, SATORU;SAKAKI, JUNICHI;REEL/FRAME:032458/0209 Effective date: 20131028 |
|
AS | Assignment |
Owner name: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD., JAPAN Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:PANASONIC CORPORATION;REEL/FRAME:034194/0143 Effective date: 20141110 Owner name: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LT Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:PANASONIC CORPORATION;REEL/FRAME:034194/0143 Effective date: 20141110 |
|
STCF | Information on status: patent grant |
Free format text: PATENTED CASE |
|
FEPP | Fee payment procedure |
Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
MAFP | Maintenance fee payment |
Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY Year of fee payment: 4 |
|
AS | Assignment |
Owner name: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD., JAPAN Free format text: CORRECTIVE ASSIGNMENT TO CORRECT THE ERRONEOUSLY FILED APPLICATION NUMBERS 13/384239, 13/498734, 14/116681 AND 14/301144 PREVIOUSLY RECORDED ON REEL 034194 FRAME 0143. ASSIGNOR(S) HEREBY CONFIRMS THE ASSIGNMENT;ASSIGNOR:PANASONIC CORPORATION;REEL/FRAME:056788/0362 Effective date: 20141110 |
|
FEPP | Fee payment procedure |
Free format text: MAINTENANCE FEE REMINDER MAILED (ORIGINAL EVENT CODE: REM.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
LAPS | Lapse for failure to pay maintenance fees |
Free format text: PATENT EXPIRED FOR FAILURE TO PAY MAINTENANCE FEES (ORIGINAL EVENT CODE: EXP.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY |
|
STCH | Information on status: patent discontinuation |
Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362 |
|
FP | Lapsed due to failure to pay maintenance fee |
Effective date: 20230428 |